JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 104.207.57.118

104.207.57.118 was found in our database!

This IP was reported 136 times. Confidence of Abuse is 4%: ?

ISP	3xK Tech GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS200373
Domain Name	3xktech.cloud
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 104.207.57.118

Whois 104.207.57.118

IP Abuse Reports for 104.207.57.118:

This IP address has been reported a total of 136 times from 19 distinct sources. 104.207.57.118 was first reported on June 6th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Sklurk	2026-06-15 03:34:44 (3 days ago)	Web App Attack	Web App Attack
🇦🇺 RedBear IT	2026-03-26 10:00:37 (2 months ago)	"DDoS against public endpoint"	DDoS Attack
🇳🇱 jjnxpct	2026-02-16 04:54:58 (4 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.env (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .env found within REQUEST_FILENAME: /.env] show less	Hacking Web App Attack
Anonymous	2026-02-15 13:05:28 (4 months ago)	WAF repeated trigger detected by Fail2Ban	Web App Attack
🇬🇧 consul.to	2026-02-15 12:50:20 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 05:15:55 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:15:47.616452 2026] [security2:error] [pid 22104:tid 22128] [client 104.207.57.118:58915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "super-8mm.net"] [uri "/new/.git/config"] [unique_id "aZFWg5dbqspsQW1awXA-vAAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 alph44	2026-02-15 03:52:26 (4 months ago)	(mod_security) mod_security (id:949110) triggered by 104.207.57.118 (DE/Germany/-): 5 in the last 36 ... show more (mod_security) mod_security (id:949110) triggered by 104.207.57.118 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: show less	Web App Attack
🇩🇪 Lino Project	2026-02-15 03:36:59 (4 months ago)	104.207.57.118 - - [15/Feb/2026:04:36:58 +0100] "GET /backup/.git/config HTTP/1.1" 404 418 "-" "Mozi ... show more 104.207.57.118 - - [15/Feb/2026:04:36:58 +0100] "GET /backup/.git/config HTTP/1.1" 404 418 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" 104.207.57.118 - - [15/Feb/2026:04:36:59 +0100] "GET /new/.git/config HTTP/1.1" 404 418 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-02-15 03:05:41 (4 months ago)	Too many Status 40X (12) Scanning/Probing (15)	Brute-Force Web App Attack
🇫🇷 dynamix	2026-02-15 00:29:56 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-15 00:25:30 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 19:25:23.129803 2026] [security2:error] [pid 14023:tid 14023] [client 104.207.57.118:30117] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "loveoflearning.com"] [uri "/wp/.git/config"] [unique_id "aZESc4eRw5sMXhXU_4QczQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-02-15 00:08:21 (4 months ago)	IM360 WAF: Laravel .env file access	Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 23:24:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 18:24:21.337541 2026] [security2:error] [pid 629:tid 629] [client 104.207.57.118:40095] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "liyatalton.com"] [uri "/backend/.env"] [unique_id "aZEEJbfuT0uH9-QH3h1kkwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 22:02:40 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 17:02:37.103682 2026] [security2:error] [pid 16089:tid 16089] [client 104.207.57.118:37997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mobresearchinc.com"] [uri "/v2/.git/config"] [unique_id "aZDw_bKxfMFxAWUOLf195QAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 21:46:41 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 104.207.57.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.207.57.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 16:46:35.294709 2026] [security2:error] [pid 28978:tid 28978] [client 104.207.57.118:57163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mlbechler.com"] [uri "/new/.git/config"] [unique_id "aZDtO8DT10i9JCnPrGm0RAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 136 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 100.24.167.60

🇧🇬 5.188.206.30

🇧🇷 189.80.44.147

🇫🇷 85.217.140.24

🇺🇸 66.175.212.77

🇳🇱 45.153.34.71

🇮🇳 223.237.148.106

🇩🇪 213.209.159.11

🇰🇷 211.247.127.250

🇺🇸 193.37.33.129

🇧🇷 181.192.121.92

🇺🇸 162.216.149.139

🇮🇹 151.115.166.76

🇭🇰 118.26.153.102

🇮🇩 103.172.20.218

🇺🇸 66.132.195.145

🇺🇸 64.225.53.191

🇳🇱 45.198.224.5

🇨🇳 27.215.45.85

🇨🇳 144.123.76.151